CVE-1999-0046 – BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0046
Buffer overflow of rlogin program using TERM environmental variable. • https://www.exploit-db.com/exploits/19203 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-1999-0298
https://notcve.org/view.php?id=CVE-1999-0298
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. • http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp •
CVE-1999-0369 – Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0369
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. • https://www.exploit-db.com/exploits/19128 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/183 •
CVE-1999-0966
https://notcve.org/view.php?id=CVE-1999-0966
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0966 •
CVE-1999-0051 – SGI IRIX 5.3/6.2 / SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0051
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. • https://www.exploit-db.com/exploits/19066 https://www.exploit-db.com/exploits/19067 https://www.exploit-db.com/exploits/19350 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0051 •